Meltdown and Spectre – McAfee Product Compatibility Update

Environment

Multiple McAfee Products

NOTE: This article applies only to McAfee business and enterprise products. If you need information or support for McAfee consumer or small business products, visit https://service.mcafee.com.

Summary

This article provides updated information to our blog post titled "Decyphering the Noise Around 'Meltdown' and 'Spectre'."

Recent updates to this article

Date Update
January 23, 2018 Updated "Appliance Compatibility for McAfee Products" list to include Vulnerability Manager 7.5.12.
January 22, 2018 Updated "Linux and MacOS Compatibility for McAfee Products" list to include McAfee Agent 4.8 and later.
January 19, 2018 Updated text in the "Automated Mechanism to Deploy the Registry Key Update" section. 
January 16, 2018 Updated list of tested product versions.
January 12, 2018 Updated list of tested product versions.

McAfee is testing to ensure product compatibility with operating system patches related to “Spectre” and “Meltdown.” This document contains the current status of this testing, and will be updated as additional results are available.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.

We have not seen and do not expect to see any issues with any versions of our product.

For more information about the “Spectre” and “Meltdown” attack methods, also see our blog “Decyphering the Noise Around ‘Meltdown’ and ‘Spectre’”: https://securingtomorrow.mcafee.com/mcafee-labs/decyphering-the-noise-around-meltdown-and-spectre/.

Windows Product Compatibility for McAfee Products

Microsoft has requested security vendors to perform additional testing with their January 3 update, to ensure compatibility with that update. Microsoft introduced a new registry key with this update, to control whether or not the update will be available via the Windows Update service.

Automated Mechanism to Deploy the Registry Key Update

Starting with the January 10th DAT (3221.0) updates for Endpoint Security (ENS) 10.0.2 and later, the registry key will be automatically updated for customers.

NOTE: Safety Pulse (enabled by default) must be enabled to download ENS DAT 3221.0. ​

Starting with the January 12th DAT (8772), customers who use VirusScan Enterprise (VSE) 8.8 and receive DAT updates will have the registry key automatically updated.

The DAT adds the check for the registry key, and sets it if it is not present. Customers who have already set a registry key should not have any issues.

For customers using ENS 10.0.1 or earlier, see KB90180 - How to deploy the required registry key via automated executable.

IMPORTANT: The compatibility registry key is a Microsoft requirement, and will be required for this and future Microsoft updates.

Manual Methods to Deploy the Registry Key Update

To receive patches via Windows Update, customers are advised to create the following new registry key:

RegKey="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value Name ="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD"
Data="0x00000000"

In environments with Active Directory, this key can be deployed via GPO. Instructions on how to deploy via GPO are available at: https://technet.microsoft.com/en-us/library/cc753092%28v=ws.11%29.aspx

Customers who are not using Windows Update can directly download and apply the Windows Update from the Windows Update Catalog at: support.microsoft.com/en-us/help/323166/how-to-download-updates-that-include-drivers-and-hotfixes-from-the-win.

NOTE: When downloading Windows updates, Windows 7 operating systems should be updated to SP1 for pulling updates from Microsoft Windows Update.

The following products have been tested and are confirmed as compatible:

Testing is ongoing for all McAfee products and no compatibility issues with the Microsoft update have been found so far. We expect all of our testing to be complete on our endpoint products soon, and will update this article when we have a new estimated completion date.

  • Application and Change Control 6.1.0 and later
  • Data Exchange Layer 3.0.0 and later
  • Data Loss Prevention 9.3 and later*
  • Database Activity Monitor/Sensor 4.6 and later
  • Drive Encryption 7.1 and later
  • ePO 5.1 and later
  • ePO MER 3.1 and later
  • ePO MVT 8.2 and later
  • Endpoint Intelligence Agent 2.6.2 and later
  • Endpoint Security 10.2 and later
  • File and Removable Media Protection 4.3.1 and later
  • Host IPS 8.0 Patch 4 and later
  • McAfee Active Response 1.1 and later
  • McAfee Agent 4.8 and later
  • McAfee Client Proxy 1.2 and later
  • MOVE Antivirus Multi-Platform 3.6 and later
  • Management of Native Encryption 4.0 and later
  • Network Security Manager 9.1 and later
  • Policy Auditor for Windows 6.2.0 and later
  • Security for Domino Windows 7.5.3 and later
  • Security for Microsoft Exchange 8.0 and later
  • Security for Microsoft Sharepoint 3.0 and later
  • SiteAdvisor Enterprise 3.5 Patch 3 and later
  • System Information Reporter 1.0 and later
  • Threat Intelligence Exchange Client for VSE 1.0.2 and later
  • VirusScan Enterprise 8.7 Patch 5, 8.8 RTW and later
  • VirusScan Enterprise for Storage 1.2 and later

BACK